Package: wnpp Severity: normal The current maintainer of libsafe, Ron Rademaker <[EMAIL PROTECTED]>, has orphaned this package. If you want to be the new maintainer, please take it -- retitle this bug from 'O:' to 'ITA:', fix the outstanding bugs and upload a new version with your name in the Maintainer: field and a
* New maintainer (Closes: #thisbug) in the changelog so this bug is closed. Some information about this package: Package: libsafe Priority: optional Section: libs Installed-Size: 256 Maintainer: Ron Rademaker <[EMAIL PROTECTED]> Architecture: i386 Version: 1.3-6 Depends: libc6 (>= 2.1.2), ldso (>= 1.8.5) Suggests: ldso (>= 1.9.0), ld.so.preload-manager (>= 0.1) Filename: pool/main/libs/libsafe/libsafe_1.3-6_i386.deb Size: 147848 MD5sum: 5902ee9bca4d0d22b637a06f940e0ecc Description: Protection against buffer overflow vulnerabilities Libsafe is a library that works with any pre-compiled executable and can be used transparently. Libsafe intercepts calls to functions known as vulnerable, libsafe uses a substitute version of the function that implements the same functionality, but makes sure any buffer overflows are contained within the current stack frame. * Ron Rademaker <[EMAIL PROTECTED]> [20011227 14:17]: > You're right that I haven't done anything about libsafe where I should > have... > > I guess the best thing to do right now is put libsafe up for adoption. > On Thu, 27 Dec 2001, Matthias Klose wrote: > > > Yotam Rubin writes: > > > Greetings, > > > > > > The last libsafe upload has been over a year ago. Since then, libsafe > > > has accumulated a large number of bugs. The current Debian release doesn't > > > seem to be very effective. I've packaged the latest libsafe and made it > > > available at: http://192.117.130.34/Fendor/debian/libsafe/ > > > Can someone NMU that? I've contacted the maintainer but received no reply. > > > It's a shame that libsafe wouldn't be usable for Debian users. > > > > - the upload isn't marked as a NMU > > > > - the package does not build from source (calls ldconfig): > > > > - the package does not build a -dev package. Correct? > > > > - the package overwrites the old library? Correct, if it's an > > extension only. But then it needs to be marked in the shlibs file. > > Else you need to build a libsafe2 and libsafe-dev package. > > OTOH, no package depends on libsafe. > > > > So it seems, we don't gain much to replace one buggy version with the > > next buggy version. > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Martin Michlmayr [EMAIL PROTECTED]
